Herramienta de auditoría de seguridad de Lynis¶
__HTML_TAG_61_ Todos los comandos_HTML_TAG_62__
_
Overview¶
Lynis es una herramienta de auditoría de seguridad de código abierto para sistemas basados en Unix (Linux, macOS, BSD). Realiza análisis completos de seguridad para evaluar el endurecimiento del sistema, el cumplimiento y la postura de seguridad. Lynis revisa vulnerabilidades, malfiguraciones y ofrece recomendaciones para mejorar la seguridad del sistema.
▪ restablecimiento Advertencia: Este instrumento está destinado únicamente a auditorías de seguridad autorizadas y evaluación del sistema. Asegúrese de tener la autorización adecuada antes de ejecutar cualquier sistema.
Instalación¶
Package Manager Instalación¶
# Ubuntu/Debian
sudo apt update
sudo apt install lynis
# CentOS/RHEL/Fedora
sudo yum install lynis
# or
sudo dnf install lynis
# Arch Linux
sudo pacman -S lynis
# macOS with Homebrew
brew install lynis
# Kali Linux (pre-installed)
lynis --version
Instalación manual¶
# Download latest version
wget https://downloads.cisofy.com/lynis/lynis-3.0.8.tar.gz
tar -xzf lynis-3.0.8.tar.gz
cd lynis
# Run directly
./lynis audit system
# Install system-wide
sudo cp -R lynis /opt/
sudo ln -s /opt/lynis/lynis /usr/local/bin/lynis
Git install¶
# Clone repository
git clone https://github.com/CISOfy/lynis.git
cd lynis
# Run from source
./lynis audit system
# Update to latest version
git pull origin master
Uso básico¶
Command Structure¶
# Basic syntax
lynis [command] [options]
# Get help
lynis --help
lynis show help
# Check version
lynis --version
Available Commands¶
| Command | Description |
|---|---|
| INLINE_CODE_28 | Perform system security audit |
| INLINE_CODE_29 | Audit Dockerfile for security issues |
| INLINE_CODE_30 | Display information (commands, groups, tests) |
| INLINE_CODE_31 | Show update information |
| INLINE_CODE_32 | Configure Lynis settings |
| _ | |
| ## System Auditing |
Auditoría básica del sistema¶
# Standard system audit
sudo lynis audit system
# Quick audit (reduced tests)
sudo lynis audit system --quick
# Audit with specific tests only
sudo lynis audit system --tests-from-group authentication
# Audit with custom profile
sudo lynis audit system --profile /path/to/custom.prf
Opciones de auditoría¶
# Verbose output
sudo lynis audit system --verbose
# Quiet mode (minimal output)
sudo lynis audit system --quiet
# No colors in output
sudo lynis audit system --no-colors
# Skip specific tests
sudo lynis audit system --skip-test AUTH-9262,AUTH-9264
# Include specific tests only
sudo lynis audit system --tests AUTH-9262,AUTH-9264
Output and Reporting¶
# Generate report in specific directory
sudo lynis audit system --logfile /var/log/lynis.log --report-file /var/log/lynis-report.dat
# Upload results (requires license)
sudo lynis audit system --upload
# Cronjob mode (non-interactive)
sudo lynis audit system --cronjob
# Pentest mode (show warnings as findings)
sudo lynis audit system --pentest
Test Categorías y Grupos¶
Available Test Groups¶
Individual Test Execution¶
# List all available tests
lynis show tests
# Run specific test
sudo lynis audit system --tests AUTH-9262
# Run multiple specific tests
sudo lynis audit system --tests "AUTH-9262,AUTH-9264,AUTH-9266"
# Show test details
lynis show test AUTH-9262
Configuración y personalización¶
Archivo de configuración¶
# Default configuration locations
/etc/lynis/default.prf
~/.lynis/default.prf
./default.prf
# Create custom configuration
sudo cp /etc/lynis/default.prf /etc/lynis/custom.prf
sudo nano /etc/lynis/custom.prf
# Use custom configuration
sudo lynis audit system --profile /etc/lynis/custom.prf
Opciones de configuración común¶
# Example custom.prf configuration
# Skip specific tests
skip-test=AUTH-9262
skip-test=AUTH-9264
# Configure specific settings
config:ssh_daemon_config_file:/etc/ssh/sshd_config
config:nginx_conf_file:/etc/nginx/nginx.conf
# Set compliance standards
compliance_standards=cis,pci-dss,iso27001
# Configure plugins
plugin=compliance
plugin=security
# Set log file location
logfile=/var/log/lynis-custom.log
# Configure colors
colors=yes
# Set warning level
warning_level=normal
Environment Variables¶
# Set Lynis data directory
export LYNIS_DATA_DIR=/opt/lynis
# Set custom profile
export LYNIS_PROFILE=/etc/lynis/custom.prf
# Disable colors
export LYNIS_COLORS=no
# Set log file
export LYNIS_LOGFILE=/var/log/lynis-audit.log
Características avanzadas¶
Compliance Auditing¶
# CIS (Center for Internet Security) compliance
sudo lynis audit system --compliance cis
# PCI-DSS compliance
sudo lynis audit system --compliance pci-dss
# ISO 27001 compliance
sudo lynis audit system --compliance iso27001
# Multiple compliance standards
sudo lynis audit system --compliance "cis,pci-dss,iso27001"
# Generate compliance report
sudo lynis audit system --compliance cis --report-file /var/log/cis-compliance.dat
Container Security Auditing¶
# Audit Docker containers
sudo lynis audit dockerfile Dockerfile
# Audit container runtime
sudo lynis audit system --tests-from-group containers
# Audit specific container
docker run --rm -v /:/hostfs:ro --pid=host cisofy/lynis lynis audit system
# Kubernetes security audit
sudo lynis audit system --tests-from-group "containers,kubernetes"
Plugin System¶
# List available plugins
lynis show plugins
# Enable specific plugins
sudo lynis audit system --plugin compliance
sudo lynis audit system --plugin security
# Custom plugin development
# Create plugin in /usr/share/lynis/plugins/
# Follow plugin development guidelines
Automatización y scripting¶
Automated Security Auditing Script¶
#!/bin/bash
# Automated Lynis security audit script
HOSTNAME=$(hostname)
DATE=$(date +%Y%m%d_%H%M%S)
LOG_DIR="/var/log/lynis"
REPORT_DIR="/var/reports/lynis"
EMAIL_RECIPIENT="security@company.com"
BASELINE_SCORE=75
# Create directories
sudo mkdir -p "$LOG_DIR" "$REPORT_DIR"
# Function to run audit
run_audit() \\\\{
local audit_type=$1
local output_prefix="$\\\\{REPORT_DIR\\\\}/$\\\\{HOSTNAME\\\\}_$\\\\{audit_type\\\\}_$\\\\{DATE\\\\}"
echo "[+] Running $audit_type audit..."
sudo lynis audit system \
--cronjob \
--logfile "$\\\\{output_prefix\\\\}.log" \
--report-file "$\\\\{output_prefix\\\\}.dat" \
--tests-from-group "$audit_type"
return $?
\\\\}
# Function to parse results
parse_results() \\\\{
local report_file=$1
local audit_type=$2
if [ -f "$report_file" ]; then
# Extract key metrics
local hardening_index=$(grep "hardening_index=" "$report_file"|cut -d'=' -f2)
local tests_performed=$(grep "tests_performed=" "$report_file"|cut -d'=' -f2)
local warnings=$(grep "total_warnings=" "$report_file"|cut -d'=' -f2)
local suggestions=$(grep "total_suggestions=" "$report_file"|cut -d'=' -f2)
echo "=== $audit_type Audit Results ===" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
echo "Hardening Index: $hardening_index%" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
echo "Tests Performed: $tests_performed" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
echo "Warnings: $warnings" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
echo "Suggestions: $suggestions" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
echo "" >> "$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
# Check if score meets baseline
if [ "$hardening_index" -lt "$BASELINE_SCORE" ]; then
echo "[WARNING] Hardening index ($hardening_index%) below baseline ($BASELINE_SCORE%)"
send_alert "$audit_type audit score below baseline: $hardening_index%"
fi
fi
\\\\}
# Function to send alerts
send_alert() \\\\{
local message=$1
echo "[ALERT] $message"
echo "$message"|mail -s "Lynis Security Alert - $HOSTNAME" "$EMAIL_RECIPIENT"
\\\\}
# Function to generate HTML report
generate_html_report() \\\\{
local summary_file="$\\\\{REPORT_DIR\\\\}/summary_$\\\\{DATE\\\\}.txt"
local html_file="$\\\\{REPORT_DIR\\\\}/report_$\\\\{DATE\\\\}.html"
cat > "$html_file" << EOF
<!DOCTYPE html>
<html>
<head>
<title>Lynis Security Audit Report - $HOSTNAME</title>
<style>
body \\\\{ font-family: Arial, sans-serif; margin: 20px; \\\\}
.header \\\\{ background-color: #f0f0f0; padding: 10px; border-radius: 5px; \\\\}
.warning \\\\{ color: red; font-weight: bold; \\\\}
.good \\\\{ color: green; font-weight: bold; \\\\}
.section \\\\{ margin: 20px 0; padding: 10px; border: 1px solid #ccc; \\\\}
</style>
</head>
<body>
<div class="header">
<h1>Lynis Security Audit Report</h1>
<p>Host: $HOSTNAME</p>
<p>Date: $(date)</p>
</div>
<div class="section">
<h2>Audit Summary</h2>
<pre>$(cat "$summary_file")</pre>
</div>
<div class="section">
<h2>Recommendations</h2>
<p>Review the detailed log files for specific recommendations and remediation steps.</p>
</div>
</body>
</html>
EOF
echo "[+] HTML report generated: $html_file"
\\\\}
# Main execution
echo "[+] Starting automated Lynis security audit for $HOSTNAME"
# Run different audit categories
AUDIT_CATEGORIES=("authentication" "networking" "ssh" "filesystems" "kernel")
for category in "$\\\\{AUDIT_CATEGORIES[@]\\\\}"; do
if run_audit "$category"; then
parse_results "$\\\\{REPORT_DIR\\\\}/$\\\\{HOSTNAME\\\\}_$\\\\{category\\\\}_$\\\\{DATE\\\\}.dat" "$category"
else
echo "[ERROR] Failed to run $category audit"
send_alert "Failed to run $category audit on $HOSTNAME"
fi
done
# Generate reports
generate_html_report
# Cleanup old reports (keep last 30 days)
find "$REPORT_DIR" -name "*.log" -mtime +30 -delete
find "$REPORT_DIR" -name "*.dat" -mtime +30 -delete
echo "[+] Automated audit complete. Reports saved in $REPORT_DIR"
Continuous Monitoring Script¶
#!/bin/bash
# Continuous Lynis monitoring script
INTERVAL=86400 # 24 hours
CONFIG_FILE="/etc/lynis/monitoring.conf"
BASELINE_DIR="/var/lib/lynis/baselines"
CURRENT_DIR="/var/lib/lynis/current"
# Load configuration
if [ -f "$CONFIG_FILE" ]; then
source "$CONFIG_FILE"
fi
# Default values
ALERT_THRESHOLD=$\\\\{ALERT_THRESHOLD:-10\\\\}
EMAIL_ALERTS=$\\\\{EMAIL_ALERTS:-"security@company.com"\\\\}
SLACK_WEBHOOK=$\\\\{SLACK_WEBHOOK:-""\\\\}
# Function to create baseline
create_baseline() \\\\{
echo "[+] Creating security baseline..."
mkdir -p "$BASELINE_DIR"
sudo lynis audit system --cronjob \
--logfile "$\\\\{BASELINE_DIR\\\\}/baseline.log" \
--report-file "$\\\\{BASELINE_DIR\\\\}/baseline.dat"
# Extract baseline metrics
grep "hardening_index=" "$\\\\{BASELINE_DIR\\\\}/baseline.dat"|cut -d'=' -f2 > "$\\\\{BASELINE_DIR\\\\}/baseline_score.txt"
grep "total_warnings=" "$\\\\{BASELINE_DIR\\\\}/baseline.dat"|cut -d'=' -f2 > "$\\\\{BASELINE_DIR\\\\}/baseline_warnings.txt"
echo "[+] Baseline created successfully"
\\\\}
# Function to run current audit
run_current_audit() \\\\{
local timestamp=$(date +%Y%m%d_%H%M%S)
mkdir -p "$CURRENT_DIR"
echo "[+] Running current security audit..."
sudo lynis audit system --cronjob \
--logfile "$\\\\{CURRENT_DIR\\\\}/current_$\\\\{timestamp\\\\}.log" \
--report-file "$\\\\{CURRENT_DIR\\\\}/current_$\\\\{timestamp\\\\}.dat"
# Create symlinks to latest
ln -sf "$\\\\{CURRENT_DIR\\\\}/current_$\\\\{timestamp\\\\}.log" "$\\\\{CURRENT_DIR\\\\}/latest.log"
ln -sf "$\\\\{CURRENT_DIR\\\\}/current_$\\\\{timestamp\\\\}.dat" "$\\\\{CURRENT_DIR\\\\}/latest.dat"
return $?
\\\\}
# Function to compare with baseline
compare_with_baseline() \\\\{
local current_score=$(grep "hardening_index=" "$\\\\{CURRENT_DIR\\\\}/latest.dat"|cut -d'=' -f2)
local current_warnings=$(grep "total_warnings=" "$\\\\{CURRENT_DIR\\\\}/latest.dat"|cut -d'=' -f2)
if [ -f "$\\\\{BASELINE_DIR\\\\}/baseline_score.txt" ]; then
local baseline_score=$(cat "$\\\\{BASELINE_DIR\\\\}/baseline_score.txt")
local baseline_warnings=$(cat "$\\\\{BASELINE_DIR\\\\}/baseline_warnings.txt")
local score_diff=$((current_score - baseline_score))
local warning_diff=$((current_warnings - baseline_warnings))
echo "[+] Security Score: $current_score% (baseline: $baseline_score%, diff: $score_diff%)"
echo "[+] Warnings: $current_warnings (baseline: $baseline_warnings, diff: $warning_diff)"
# Check for significant degradation
if [ "$score_diff" -lt "-$ALERT_THRESHOLD" ]; then
send_alert "Security score degraded by $\\\\{score_diff\\\\}% (current: $current_score%, baseline: $baseline_score%)"
fi
if [ "$warning_diff" -gt "$ALERT_THRESHOLD" ]; then
send_alert "Warning count increased by $warning_diff (current: $current_warnings, baseline: $baseline_warnings)"
fi
else
echo "[WARNING] No baseline found. Creating baseline..."
create_baseline
fi
\\\\}
# Function to send alerts
send_alert() \\\\{
local message=$1
local hostname=$(hostname)
local timestamp=$(date)
echo "[ALERT] $message"
# Email alert
if [ ! -z "$EMAIL_ALERTS" ]; then
echo "Security Alert for $hostname at $timestamp: $message"|\
mail -s "Lynis Security Alert - $hostname" "$EMAIL_ALERTS"
fi
# Slack alert
if [ ! -z "$SLACK_WEBHOOK" ]; then
curl -X POST -H 'Content-type: application/json' \
--data "\\\\{\"text\":\"🚨 Security Alert for $hostname: $message\"\\\\}" \
"$SLACK_WEBHOOK"
fi
# Syslog
logger "LYNIS_ALERT: $message"
\\\\}
# Function to generate trend report
generate_trend_report() \\\\{
local report_file="/var/reports/lynis_trend_$(date +%Y%m%d).html"
cat > "$report_file" << EOF
<!DOCTYPE html>
<html>
<head>
<title>Lynis Security Trend Report</title>
<script src="https://cdn.jsdelivr.net/npm/chart.js"></script>
</head>
<body>
<h1>Security Trend Analysis</h1>
<canvas id="trendChart" width="400" height="200"></canvas>
<script>
// Generate trend chart from historical data
// This would be populated with actual historical data
var ctx = document.getElementById('trendChart').getContext('2d');
var chart = new Chart(ctx, \\\\{
type: 'line',
data: \\\\{
labels: ['Week 1', 'Week 2', 'Week 3', 'Week 4'],
datasets: [\\\\{
label: 'Security Score',
data: [75, 78, 76, 80],
borderColor: 'rgb(75, 192, 192)',
tension: 0.1
\\\\}]
\\\\},
options: \\\\{
responsive: true,
scales: \\\\{
y: \\\\{
beginAtZero: true,
max: 100
\\\\}
\\\\}
\\\\}
\\\\});
</script>
</body>
</html>
EOF
echo "[+] Trend report generated: $report_file"
\\\\}
# Main monitoring loop
echo "[+] Starting Lynis continuous monitoring"
echo "[+] Interval: $INTERVAL seconds"
echo "[+] Alert threshold: $ALERT_THRESHOLD"
# Create baseline if it doesn't exist
if [ ! -f "$\\\\{BASELINE_DIR\\\\}/baseline.dat" ]; then
create_baseline
fi
while true; do
echo "[+] $(date): Running security audit..."
if run_current_audit; then
compare_with_baseline
# Generate weekly trend report
if [ "$(date +%u)" -eq 1 ]; then # Monday
generate_trend_report
fi
else
send_alert "Failed to run security audit"
fi
echo "[+] $(date): Audit complete, sleeping for $INTERVAL seconds"
sleep "$INTERVAL"
done
Compliance Reporting Script¶
#!/bin/bash
# Compliance reporting script for multiple standards
STANDARDS=("cis" "pci-dss" "iso27001")
OUTPUT_DIR="/var/reports/compliance"
DATE=$(date +%Y%m%d)
# Function to run compliance audit
run_compliance_audit() \\\\{
local standard=$1
local output_file="$\\\\{OUTPUT_DIR\\\\}/$\\\\{standard\\\\}_compliance_$\\\\{DATE\\\\}"
echo "[+] Running $standard compliance audit..."
sudo lynis audit system \
--compliance "$standard" \
--cronjob \
--logfile "$\\\\{output_file\\\\}.log" \
--report-file "$\\\\{output_file\\\\}.dat"
# Generate compliance summary
generate_compliance_summary "$standard" "$\\\\{output_file\\\\}.dat"
\\\\}
# Function to generate compliance summary
generate_compliance_summary() \\\\{
local standard=$1
local report_file=$2
local summary_file="$\\\\{OUTPUT_DIR\\\\}/$\\\\{standard\\\\}_summary_$\\\\{DATE\\\\}.txt"
if [ -f "$report_file" ]; then
echo "=== $standard Compliance Summary ===" > "$summary_file"
echo "Date: $(date)" >> "$summary_file"
echo "Host: $(hostname)" >> "$summary_file"
echo "" >> "$summary_file"
# Extract compliance metrics
local total_tests=$(grep "tests_performed=" "$report_file"|cut -d'=' -f2)
local passed_tests=$(grep -c "result=OK" "$report_file")
local failed_tests=$(grep -c "result=WARNING\|result=SUGGESTION" "$report_file")
local compliance_percentage=$((passed_tests * 100 / total_tests))
echo "Total Tests: $total_tests" >> "$summary_file"
echo "Passed: $passed_tests" >> "$summary_file"
echo "Failed: $failed_tests" >> "$summary_file"
echo "Compliance: $compliance_percentage%" >> "$summary_file"
echo "" >> "$summary_file"
# Extract failed controls
echo "Failed Controls:" >> "$summary_file"
grep "result=WARNING\|result=SUGGESTION" "$report_file"|\
sed 's/.*test=\([^|]*\).*/\1/'|sort -u >> "$summary_file"
echo "[+] $standard compliance summary generated: $summary_file"
fi
\\\\}
# Main execution
mkdir -p "$OUTPUT_DIR"
for standard in "$\\\\{STANDARDS[@]\\\\}"; do
run_compliance_audit "$standard"
done
# Generate consolidated report
echo "[+] Generating consolidated compliance report..."
cat "$\\\\{OUTPUT_DIR\\\\}"/*_summary_$\\\\{DATE\\\\}.txt > "$\\\\{OUTPUT_DIR\\\\}/consolidated_compliance_$\\\\{DATE\\\\}.txt"
echo "[+] Compliance reporting complete. Reports saved in $OUTPUT_DIR"
Integración con otras herramientas¶
SIEM Integration¶
# Syslog integration for SIEM
# Configure rsyslog to forward Lynis alerts
echo "if \$msg contains 'LYNIS_ALERT' then @@siem.company.com:514"|sudo tee -a /etc/rsyslog.conf
sudo systemctl restart rsyslog
# JSON output for structured logging
sudo lynis audit system --cronjob|jq -R -s -c 'split("\n")|map(select(length > 0))'
Ansible Integration¶
# Ansible playbook for Lynis deployment
---
- name: Deploy and run Lynis security audit
hosts: all
become: yes
tasks:
- name: Install Lynis
package:
name: lynis
state: present
- name: Create Lynis directories
file:
path: "\\\\{\\\\{ item \\\\}\\\\}"
state: directory
mode: '0755'
loop:
- /var/log/lynis
- /var/reports/lynis
- name: Copy Lynis configuration
template:
src: lynis.prf.j2
dest: /etc/lynis/custom.prf
mode: '0644'
- name: Run Lynis audit
command: lynis audit system --cronjob --profile /etc/lynis/custom.prf
register: lynis_result
- name: Collect Lynis reports
fetch:
src: /var/log/lynis.log
dest: ./reports/\\\\{\\\\{ inventory_hostname \\\\}\\\\}_lynis.log
flat: yes
Docker Integration¶
# Dockerfile for Lynis container
FROM ubuntu:20.04
RUN apt-get update && \
apt-get install -y lynis && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
COPY lynis-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/lynis-entrypoint.sh
ENTRYPOINT ["/usr/local/bin/lynis-entrypoint.sh"]
CMD ["audit", "system"]
Performance Optimization¶
Resource Management¶
# Optimize for large systems
sudo lynis audit system --quick --no-colors
# Limit specific resource-intensive tests
sudo lynis audit system --skip-test KRNL-6000,PROC-3602
# Run with nice priority
sudo nice -n 10 lynis audit system
# Monitor resource usage
top -p $(pgrep lynis)
Parallel Execution¶
# Run multiple test groups in parallel
sudo lynis audit system --tests-from-group authentication &
sudo lynis audit system --tests-from-group networking &
sudo lynis audit system --tests-from-group ssh &
wait
# Parallel compliance audits
for standard in cis pci-dss iso27001; do
sudo lynis audit system --compliance "$standard" &
done
wait
Troubleshooting¶
Common Issues¶
# Permission issues
sudo chown -R root:root /usr/share/lynis
sudo chmod +x /usr/share/lynis/lynis
# Missing dependencies
sudo apt install --fix-missing
# Configuration issues
lynis show settings
lynis show profile
# Test execution issues
sudo lynis audit system --debug --verbose
Debug Mode¶
# Enable debug output
sudo lynis audit system --debug
# Verbose logging
sudo lynis audit system --verbose --logfile /tmp/lynis-debug.log
# Test specific functionality
lynis show tests|grep AUTH
sudo lynis audit system --tests AUTH-9262 --debug
Log Analysis¶
# Analyze Lynis logs
grep "WARNING\|SUGGESTION" /var/log/lynis.log
# Extract hardening recommendations
grep "Hardening" /var/log/lynis.log
# Monitor real-time execution
tail -f /var/log/lynis.log
Buenas prácticas¶
Estrategia de Auditoría de Seguridad¶
- ** Auditorías periódicas**: auditorías semanales o mensuales
- ** Establecimiento básico**: Crear bases de datos de seguridad para la comparación
- ** Mejoras internas**: Abordar sistemáticamente las conclusiones
- ** Cartografía de cumplimiento**: Conclusiones del mapa sobre los requisitos de cumplimiento
- ** Análisis de tendencias**: Supervisar la postura de seguridad con el tiempo
Consideraciones operacionales¶
# Production-safe auditing
sudo lynis audit system --quick --cronjob
# Staged rollout
# 1. Test on development systems
# 2. Validate on staging environment
# 3. Deploy to production with monitoring
# Change management
# Document all configuration changes
# Track remediation progress
# Validate fixes with re-audits
Reporting and Communication¶
# Executive summary generation
grep "hardening_index\|total_warnings\|total_suggestions" /var/log/lynis-report.dat
# Technical details for teams
grep "suggestion\|warning" /var/log/lynis.log|head -20
# Compliance reporting
sudo lynis audit system --compliance cis --report-file cis-compliance.dat
Resources¶
- [Lynis Official Website](URL_66__ [Lynis GitHub Repository](URL_67__
- [Lynis Documentation](URL_68__
- [CIS Benchmarks](URL_69_
- [Guías de endurecimiento de seguridad](URL_70__
-...
*Esta hoja de trampa proporciona una referencia completa para el uso de Lynis. Siempre asegúrese de tener una autorización adecuada antes de realizar auditorías de seguridad y evaluaciones del sistema. *